Detecting Advanced Bots Using Active Interrogation

Posted by Will Woodson | Lead Security Engineer on Jun 18, 2019 11:47:26 AM

Last year ThreatX announced enhanced bot detection and mitigation capabilities which enabled us to identify and stop malicious bots from accessing our customers’ applications. In this post we present a recent case where we have been able to use these features, namely active bot interrogation, to drastically reduce the volume of possible bot requests sent by suspicious source entities, reducing the number of useless or undesirable requests processed by the customer application and mitigating bot threats like credential stuffing, account takeover (ATO), and fraudulent transactions.

Read More

Topics: Threat Intelligence

Malicious Bot Detection Through A Complex Proxy Network

Posted by ThreatX Labs on Apr 17, 2019 7:03:26 AM

A malicious entity operating a botnet to execute credential stuffing or password spraying attacks will frequently be stopped after a series of application login attempts by an app security solution, such as a WAF, and specific bot protection solutions. As a result of these attempts, IP addresses used by the attacker will often end up in IP reputation lists and will be blacklisted by many sites.

Read More

Topics: Threat Intelligence

Using a Next-Gen WAF to Identify & Prevent Carding

Posted by Jeremiah Cruit | CISO on Feb 21, 2019 8:16:03 AM

As more and more businesses elect to conduct business online, not only are they subject to additional threats, but their customers are as well. For customers, this is especially true when using and submitting credit cards to complete online transactions. One of the most common attacks in this space is Carding. Carding occurs when an attacker utilizes illegally obtained credit card information (often in bulk), attempts to validate the stolen card numbers, and sells/utilizes the valid credit card information. In 2018, credit card fraud was expected to exceed $6 billion*. This number is only expected to grow as online shopping becomes more widespread and accepted.

Read More

Topics: Threat Intelligence

API Security Lives at the Heart of the Breach

Posted by David Geer on Feb 13, 2019 6:57:00 AM

*We are thrilled to introduce and feature David Geer on the ThreatX Blog. David is a content marketing writer and market influencer specializing in cybersecurity.*

You’ve heard that nation-state hackers stole 145 million consumer records in the 2017 Equifax breach. Did you know that this attack and breaches at Amazon, Facebook, T-Mobile, and the Black Hat security conference all targeted vulnerable APIs?

Thanks to APIs, your consumers, employees, and partners benefit from robust applications with rich features. But, cyberthugs profit too, because they can leverage APIs and their flaws to get to your data.

Thousands of new APIs become available each year on ProgrammableWeb.com alone. The global cloud API market will generate more than $1.7 billion in revenues by 2026, according to Persistence Market Research. With organizations like yours creating and using more APIs each year, the attack surface grows ever broader. Any solution must surround and secure your APIs, apps, and data despite the burgeoning landscape.

Read More

Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

Marriott’s Costly Mistake: Letting Compliance Trump Security

Posted by Jeremiah Cruit | CISO on Dec 3, 2018 8:29:45 AM

Friday’s news of Marriott’s massive breach sent shock waves throughout the cybersecurity industry and consumer sectors alike. Brian Krebs described the “colossal intrusion” and numerous other security experts joined in to analyze what missteps the chain may have taken, how the breach could have been prevented, and what we as an industry can learn from the catastrophe.

Read More

Topics: Threat Intelligence

Using Android Proxy Browsers - Convenience without Web Application Security

Posted by Aaron Fosdick on Aug 6, 2018 9:03:36 AM

Slow. Antiquated. Android.

Remember the old Android device you used to use? Many of us have old versions of these devices sitting around that worked well 5 or 6 years ago, but are, unfortunately, too slow or outdated to use today. The hardware is lethargic and the Android OS hasn’t been patched for years. This is never more evident than when you try using a web browser on one of these devices and watch it struggle while rendering an element-rich site. The fact is, older devices simply don’t have sufficient CPU power to quickly display a complex page, even those designed to be responsive or mobile friendly.

Read More

Topics: Threat Intelligence

Combatting Botnet Traffic with Behavioral Analysis: Part III

Posted by Will Woodson | Lead Security Engineer on Jul 12, 2018 11:54:37 AM

In the first two parts of this series we discussed methods to identify and block a few different types of botnet traffic, namely commodity comment/form spam and slightly more targeted attacks like distributed password guessing. This final part covers a slightly different way of analyzing malicious web traffic: grouping attackers based on their behavioral characteristics.

Read More

Topics: Threat Intelligence

Combatting Botnet Traffic with Behavioral Analysis: Part II

Posted by Will Woodson | Lead Security Engineer on Jun 28, 2018 11:28:17 AM

The previous post in this series discussed comment spam, one of the most pervasive forms of 'botnet' web traffic and accordingly, one of the least targeted varieties of attack. Part II will discuss a more serious form of botnet traffic: Targeted attacks that are coordinated centrally and distributed across multiple actors in an attempt to avoid security controls.

Read More

Topics: Threat Intelligence

ThreatX Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.

Subscribe Here!

Recent Posts

Follow Me